![]() ![]() ![]() Although Air-Fi works just fine as a single thread on a single-core system, going multicore works even better. Once they got the slower DIMMs running at the correct 2400-MHz rate, the rest was cake.įor extra credit, Guri and his team also tried single-core versus multicore versions of the attack. In both cases, they overclocked the memory interface, which is very doable on most systems. Guri and his team experimented with both DDR3-2133 and DDR3-1600 DIMMs and successfully compromised them as well. Timing loops space out the transactions to match the timing specified by Wi-Fi standard.Ĭlever, but what if your computer doesn’t use DDR4-2400 memory? Surely Air-Fi won’t work with faster or slower memories, will it? Turns out, it does. (CPU-to-memory transactions are a lot faster than Wi-Fi bit times, hence the large block size.) To send a “0” the software does nothing and waits. To transmit a “1” bit, the software performs a flurry of memory transactions by moving a few megabytes of arbitrary data in order to generate sufficient activity on the SDRAM bus. The DRAM clock provides the carrier frequency, and data transactions modulate it to encode data. That frequency sits right on top of the Wi-Fi band, so Guri and his team used this convenient (inconvenient?) parallel as the basis for their hack. As the name suggests, these operate at a constant 2400 MHz, with memory addresses and data synchronized to the edges of the clock. If you’ve assembled a new PC lately, you know that DDR4-2400 memory sticks are common. Since Air-Fi mimics Wi-Fi, anything in the area with a Wi-Fi interface can pick up the exfiltrated data, including cellphones, wireless routers, access points, harmless IoT gadgets, or other computers. If you want to know how it works, or even to try it out for yourself, the detailed description is in his research paper. And, since most computers today use standard DIMMs, the hardware is readily available, and you’re pretty much hosed. Specifically, it subverts your computer’s DRAM into wiggling the memory bus at 2.4 GHz – exactly the frequency range of the 802.11b/g/n Wi-Fi standards. It relies on the underlying electromagnetic radiation that results from any signal transmitted over a wire. The latest installment in their oeuvre is nicknamed Air-Fi, and it MacGyvers a Wi-Fi interface out of hardware that’s already in your PC. Or demoralizing, depending on your job description. Many ways, in fact, and some are truly surprising. But Mordechai Guri and his merry band of helpers at Ben-Gurion University of the Negev in Israel has found a way. Seems pretty secure, right? With no network and no place to stick removable media, there is physically no way to get data off of the computer. That means no Ethernet, no Wi-Fi, no Bluetooth – nothing that could potentially be used to send data outside the machine. An air-gapped computer has no CD-ROM burner, no floppy disk drive, no SD card interface, no USB slots, and no network interface of any kind. “Air gapping” is the gold standard for trapping sensitive information inside a computer and making sure it can’t be shared, transmitted, or go walkabout. ![]() Do you want to keep secure information inside? Do you want to prevent outside malware from getting in? Do you want to limit access to only the right people? The list goes on. There are a lot of ways to secure a computer, depending on what you’re trying to prevent. You’ve got to give them points for originality. And one man and his crack research team have found dozens of surprising ways to crack seemingly impenetrable computers. Some security weaknesses would be hilarious if they weren’t so serious. ![]()
0 Comments
Leave a Reply. |